Alleged Fruitfly creator faces decades in prison if guilty

A computer programmer has been accused of hacking, committing identity theft, and creating child pornography after allegedly developing custom malware to take control of thousands of computers.

Phillip Durachinsky, 28, of North Royalton, Ohio, USA, was indicted on Wednesday on 16 separate charges relating to the alleged creation of malware dubbed Fruitfly, which could commandeer infected macOS and Windows PC systems. Prosecutors claim Durachinsky used the code to spy on thousands of people in a campaign that started in 2003, when he was just a teenager.

"For more than 13 years, Phillip Durachinsky allegedly infected with malware the computers of thousands of Americans and stole their most personal data and communications," said Acting Assistant Attorney General John Cronan.

"This case is an example of the Justice Department's continued efforts to hold accountable cybercriminals who invade the privacy of others and exploit technology for their own ends."

According to court documents [PDF] filed in Ohio, Durachinsky created the malware to harvest keystrokes and snoop on web browser activity on infected systems. It also allowed the operator to watch and listen in on the victims via their webcams and microphones, and otherwise take full control of infected machines.

Prosecutors claimed the malware was configured to activate when the user of a compromised computer typed in search terms related to pornography. The Feds said he slurped millions of images from his victims' cameras. It sounds as though the spyware would deliberate surveil people – kids and adults – as they browsed the web, particularly if they were looking at smut, and beam the pictures back to Durachinsky, allegedly.

'Ancient' Mac backdoor discovered that targets medical research firms

"This defendant is alleged to have spent more than a decade spying on people across the country and accessing their personal information," said First Assistant US Attorney David Sierleja.

The Fruitfly malware had computer security researchers puzzled for some time. The code was an interesting mix of very old and new coding styles. One suspicion was that it was state-sponsored malware, another that it was an espionage tool.

US prosecutors claimed they got involved after the malware cropped up multiple times on the servers of Case Western Reserve University. This led to an investigation and the arrest of Durachinsky. The FBI said the software nasty was later found on the US Department of Energy network, as well as in a police department and various schools.

"Durachinsky is alleged to have utilized his sophisticated cyber skills with ill intent, compromising numerous systems and individual computers," said Special Agent in Charge Stephen Anthony.

"The FBI would like to commend the compromised entities that brought this to the attention of law enforcement authorities. It is this kind of collaboration that has enabled authorities to bring this cyber hacker to justice." ®